<?php
//пароль
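// Direct-access guard; INWEB is presumably defined by the entry script that
// includes this page.
// NOTE(review): execution continues past this line unless return2() itself
// stops the script -- confirm that it does.
if (!defined('INWEB')) return2();
$a=getVar('a');
includeLang('payments');
// The policy id is mandatory for every action below; abort the page if it is
// missing or not an integer.
try
{
    $id=getVar('id','int');
}
catch(Exception $e)
{
    // msg() is handed raw markup elsewhere in this file (the delete
    // confirmation passes anchor tags), so it evidently does not encode its
    // text. The exception message may echo request data, so encode it here.
    // The charset is left to default_charset to follow the site's encoding.
    msg($Lang['error'], htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE),'error');
    foot($no_head);
    die;
}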
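// Payments page controller: dispatches on the action in $a for the policy
// identified by $id (add, edit, delete, delete_all, or the default listing).
//
// NOTE(review): nothing in this file checks that the current user is allowed
// to see or change policy $id; confirm the including script enforces that.
// NOTE(review): every query below is assembled by string interpolation. That
// is only safe if getVar() rejects anything outside the requested type and
// SQLNull() escapes and quotes string values -- verify both, or move to the
// database wrapper's bound-parameter API if it has one.
// NOTE(review): 'delete' and 'delete_all' change data on a plain GET carrying
// confirm=1 and no anti-CSRF token; the POST handlers have no token either.
// NOTE(review): $host and $page are written into URLs as-is; confirm neither
// can carry request-controlled markup.

// Encode a value for HTML text and quoted-attribute contexts. The charset is
// left to default_charset so it follows the encoding the site is served in.
$escHtml = function ($value) {
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE);
};

switch($a)
{
    case 'add':
        // The payment must belong to an existing policy.
        $sql->query("SELECT nr FROM policies WHERE id='$id';");
        if(!$sql->num_rows())
        {
            msg($Lang['error'], $Lang['policy_not_found'],'error');
            foot($no_head);
            break;
        }
        $pol=$sql->fetch_array();
        if($_POST)
        {
            // Validation failures are reported like the other actions do,
            // instead of escaping this file as an uncaught exception.
            try
            {
                #MUST HAVE
                $nr=getVar('nr', 'int');
                $sum=getVar('sum','float');
                $pay_date=getVar('pay_date','date');

                #OPTIONAL
                $rec_date=SQLNull(getVar('rec_date','date',true));
                $bill_nr=SQLNull(getVar('bill_nr','string',true));
                $pay_doc_nr=SQLNull(getVar('pay_doc_nr','string',true));
                $trans_date=SQLNull(getVar('trans_date','date',true));
                // The comment is free text from a textarea; it was being
                // validated as a date, which looks like a copy-paste slip.
                $comment=SQLNull(getVar('comment','string',true));
            }
            catch(Exception $e)
            {
                msg($Lang['error'], $escHtml($e->getMessage()),'error');
                break;
            }

            // Refuse a second payment with the same number on this policy.
            $check=$sql->query("SELECT * FROM payments WHERE id='$id' AND nr='$nr';");
            if($sql->num_rows($check))
            {
                msg($Lang['error'], $Lang['payment_already_exists'],'error');
                foot($no_head);
                break;
            }
            // Columns are named explicitly (same names the UPDATE in 'edit'
            // uses) so the insert does not depend on the table's column order.
            $sql->query("INSERT INTO payments (`id`,`nr`,`sum`,`pay_date`,`col_date`,`bill_nr`,`payment_doc_nr`,`transfer_date`,`comment`) VALUES('$id','$nr','$sum',STR_TO_DATE('$pay_date','%d.%m.%Y'),STR_TO_DATE($rec_date,'%d.%m.%Y'),$bill_nr,$pay_doc_nr,STR_TO_DATE($trans_date,'%d.%m.%Y'),$comment);");
            // NOTE(review): num_rows() is used as the success check after a
            // write, while the delete actions read $sql->row_count; confirm
            // which one the wrapper fills in for INSERT/UPDATE.
            if($sql->num_rows())
            {
                msg($Lang['success'], $Lang['payment_added']);
                echo '<script type="text/javascript">window.opener.location.reload();</script>';
                echo '<center><input type="button" class="yt_button" value="'.$Lang['close'].'" onclick="window.close();" /></center>';
            }
            else
            {
                msg($Lang['error'], $Lang['payment_failed_add'],'error');
            }
        }
        else
        {
            // Pre-fill the form with the next free payment number.
            $sql->query("SELECT max(nr) FROM payments WHERE id='$id';");
            $nr=$sql->result()+1;
            echo '<form action="'.$host.'/?p='.$page.'&amp;no_head&amp;a=add&amp;id='.$id.'" method="post"><table border="1">';
            echo '<tr><th>'.$Lang['pol_nr'].'</th><td><input type="text" name="pol_nr" value="'.$escHtml($pol['nr']).'" /></td></tr>';
            echo '<tr><th>'.$Lang['nr_p_k'].'</th><td><input type="text" name="nr" value="'.$nr.'" /></td></tr>';
            echo '<tr><th>'.$Lang['sum'].'</th><td><input type="text" name="sum" value="" /></td></tr>';
            echo '<tr><th>'.$Lang['pay_date'].'</th><td><input type="text" name="pay_date" value="" class="tcal" /></td></tr>';
            echo '<tr><th>'.$Lang['rec_date'].'</th><td><input type="text" name="rec_date" value="" class="tcal" /></td></tr>';
            echo '<tr><th>'.$Lang['bill_nr'].'</th><td><input type="text" name="bill_nr" value="" /></td></tr>';
            echo '<tr><th>'.$Lang['pay_doc_nr'].'</th><td><input type="text" name="pay_doc_nr" value="" /></td></tr>';
            echo '<tr><th>'.$Lang['ins_comp_trans_date'].'</th><td><input type="text" name="trans_date" value="" class="tcal" /></td></tr>';
            echo '<tr><th>'.$Lang['comment'].'</th><td><textarea name="comment"></textarea></td></tr>';
            echo '</table><input type="submit" class="yt_button" value="'.$Lang['add'].'" /></form>';
        }
    break;
    case 'edit':
        try
        {
            $nr=getVar('nr','int');
        }
        catch(Exception $e)
        {
            msg($Lang['error'], $escHtml($e->getMessage()),'error');
            break;
        }
        $sql->query("SELECT nr FROM policies WHERE id='$id';");
        if(!$sql->num_rows())
        {
            msg($Lang['error'], $Lang['policy_not_found'],'error');
            foot($no_head);
            break;
        }
        $pol=$sql->fetch_array();
        // NOTE(review): on a POST this lookup may run with the submitted nr
        // rather than the original one (cnr), so renumbering a payment could
        // end in payment_not_found -- depends on where getVar() reads from.
        $sql->query("SELECT id, nr, sum, DATE_FORMAT(pay_date, '%d.%m.%Y') as pay_date, DATE_FORMAT(col_date, '%d.%m.%Y') as col_date, bill_nr, payment_doc_nr, DATE_FORMAT(transfer_date, '%d.%m.%Y') as transfer_date, `comment`  FROM payments WHERE id='$id' AND nr='$nr';");
        if(!$sql->num_rows())
        {
            msg($Lang['error'], $Lang['payment_not_found'],'error');
            break;
        }
        $pay=$sql->fetch_array();
        if($_POST)
        {
            // Validation failures are reported like the other actions do,
            // instead of escaping this file as an uncaught exception.
            try
            {
                #MUST HAVE
                $nr=getVar('nr', 'int');
                $prev_nr=getVar('cnr','int');
                $sum=getVar('sum','float');
                $pay_date=getVar('pay_date','date');

                #OPTIONAL
                $rec_date=SQLNull(getVar('rec_date','date',true));
                $bill_nr=SQLNull(getVar('bill_nr','string',true));
                $pay_doc_nr=SQLNull(getVar('pay_doc_nr','string',true));
                $trans_date=SQLNull(getVar('trans_date','date',true));
                // The comment is free text from a textarea; it was being
                // validated as a date, which looks like a copy-paste slip.
                $comment=SQLNull(getVar('comment','string',true));
            }
            catch(Exception $e)
            {
                msg($Lang['error'], $escHtml($e->getMessage()),'error');
                break;
            }

            // The row is addressed by its previous number (cnr) so that the
            // payment number itself can be changed.
            $sql->query("UPDATE payments SET `nr`='$nr', `sum`='$sum', `pay_date`=STR_TO_DATE('$pay_date','%d.%m.%Y'), `col_date`=STR_TO_DATE($rec_date,'%d.%m.%Y'), `bill_nr`=$bill_nr, `payment_doc_nr`=$pay_doc_nr, `transfer_date`=STR_TO_DATE($trans_date,'%d.%m.%Y'), `comment`=$comment WHERE `id`='$id' AND `nr`='$prev_nr';");
            // NOTE(review): num_rows() is used as the success check after a
            // write, while the delete actions read $sql->row_count; confirm
            // which one the wrapper fills in for INSERT/UPDATE.
            if($sql->num_rows())
            {
                msg($Lang['success'], $Lang['payment_updated']);
                echo '<script type="text/javascript">window.opener.location.reload();</script>';
                echo '<center><input type="button" class="yt_button" value="'.$Lang['close'].'" onclick="window.close();" /></center>';
            }
            else
            {
                msg($Lang['error'], $Lang['payment_failed_update'],'error');
            }
        }
        else
        {
            // Stored values are HTML-encoded before they are written into
            // attributes and the textarea; they were entered by users.
            echo '<form action="'.$host.'/?p='.$page.'&amp;no_head&amp;a=edit&amp;id='.$id.'&amp;cnr='.$nr.'" method="post"><table border="1">';
            echo '<tr><th>'.$Lang['pol_nr'].'</th><td><input type="text" name="pol_nr" value="'.$escHtml($pol['nr']).'" /></td></tr>';
            echo '<tr><th>'.$Lang['nr_p_k'].'</th><td><input type="text" name="nr" value="'.$nr.'" /></td></tr>';
            echo '<tr><th>'.$Lang['sum'].'</th><td><input type="text" name="sum" value="'.$escHtml($pay['sum']).'" /></td></tr>';
            echo '<tr><th>'.$Lang['pay_date'].'</th><td><input type="text" name="pay_date" value="'.$escHtml(isDate($pay['pay_date'])).'" class="tcal" /></td></tr>';
            echo '<tr><th>'.$Lang['rec_date'].'</th><td><input type="text" name="rec_date" value="'.$escHtml(isDate($pay['col_date'])).'" class="tcal" /></td></tr>';
            echo '<tr><th>'.$Lang['bill_nr'].'</th><td><input type="text" name="bill_nr" value="'.$escHtml($pay['bill_nr']).'" /></td></tr>';
            echo '<tr><th>'.$Lang['pay_doc_nr'].'</th><td><input type="text" name="pay_doc_nr" value="'.$escHtml($pay['payment_doc_nr']).'" /></td></tr>';
            echo '<tr><th>'.$Lang['ins_comp_trans_date'].'</th><td><input type="text" name="trans_date" value="'.$escHtml(isDate($pay['transfer_date'])).'" class="tcal" /></td></tr>';
            echo '<tr><th>'.$Lang['comment'].'</th><td><textarea name="comment">'.$escHtml($pay['comment']).'</textarea></td></tr>';
            echo '</table><input type="submit" class="yt_button" value="'.$Lang['save'].'" /></form>';
        }
    break;
    case 'delete':
        try
        {
            $nr=getVar('nr','int');
            if(isset($_GET['confirm']))
            {
                $sql->query("DELETE FROM payments WHERE `id`='$id' AND `nr`='$nr';");
                if($sql->row_count)
                    msg($Lang['success'], $Lang['pay_success_delete']);
                else
                    msg($Lang['warning'], $Lang['pay_failed_delete'], 'warning');
            }
            else
            {
                // Ask before deleting; a stray '"' after the closing anchor
                // was removed and the ampersands are now written as &amp;.
                msg($Lang['warning'],$Lang['are_u_sure_delete_payment'].' <br /> <a href="?p='.$page.'&amp;a=delete&amp;id='.$id.'&amp;nr='.$nr.'&amp;confirm=1">'.$Lang['yes'].'</a>/<a href="?p='.$page.'">'.$Lang['no'].'</a>', 'warning');
            }
        }
        catch(Exception $e)
        {
            msg($Lang['error'], $escHtml($e->getMessage()),'error');
        }
    break;
    case 'delete_all':
        try
        {
            if(isset($_GET['confirm']))
            {
                $sql->query("DELETE FROM payments WHERE `id`='$id';");
                if($sql->row_count)
                    msg($Lang['success'], $Lang['pay_success_delete']);
                else
                    msg($Lang['warning'], $Lang['pay_failed_delete'], 'warning');
            }
            else
            {
                // The confirmation link used to point at a=delete with an
                // undefined $nr, so confirming never reached this action.
                msg($Lang['warning'],$Lang['are_u_sure_delete_payment'].' <br /> <a href="?p='.$page.'&amp;a=delete_all&amp;id='.$id.'&amp;confirm=1">'.$Lang['yes'].'</a>/<a href="?p='.$page.'">'.$Lang['no'].'</a>', 'warning');
            }
        }
        catch(Exception $e)
        {
            msg($Lang['error'], $escHtml($e->getMessage()),'error');
        }
    break;
    default: //view all payments
        $sql->query("SELECT ins_comp_id, nr, ins_prem, payment_count, comm_rate, add_disc_rate FROM policies WHERE id='$id';");
        if(!$sql->num_rows())
        {
            msg($Lang['error'], $Lang['policy_not_found'], 'error');
            break;
        }
        $pol=$sql->fetch_array();
        // Policy summary. Every stored value is HTML-encoded on output.
        echo '<table border="1">';
        echo '<tr><th>'.$Lang['ins_comp'].'</th><td><select>';
        $sql->query("SELECT `id`, `name` FROM `insurance_companies`;");
        while($ins_comp=$sql->fetch_array())
        {
            $sel=$ins_comp['id']==$pol['ins_comp_id']?' selected="selected"':'';
            echo '<option'.$sel.'>'.$escHtml($ins_comp['name']).'</option>';
        }
        echo '</select></td></tr>';
        echo '<tr><th>'.$Lang['pol_nr'].'</th><td><input type="text" name="pol_nr" value="'.$escHtml($pol['nr']).'" /></td></tr>';
        echo '<tr><th>'.$Lang['ins_prem'].'</th><td><input type="text" name="ins_prem" value="'.$escHtml($pol['ins_prem']).'" /></td></tr>';
        echo '<tr><th>'.$Lang['p_count'].'</th><td><input type="text" name="payment_count" value="'.$escHtml($pol['payment_count']).'" /></td></tr>';
        echo '<tr><th>'.$Lang['comm_rate'].'</th><td><input type="text" name="comm_rate" value="'.$escHtml($pol['comm_rate']).'" /><b>%</b></td></tr>';
        echo '<tr><th>'.$Lang['add_disc_rate'].'</th><td><input type="text" name="add_disc_rate" value="'.$escHtml($pol['add_disc_rate']).'" /><b>%</b></td></tr>';
        echo '</table>';
        $sql->query("SELECT id, nr, sum, DATE_FORMAT(pay_date, '%d.%m.%Y') as pay_date, DATE_FORMAT(col_date, '%d.%m.%Y') as col_date, bill_nr, payment_doc_nr, DATE_FORMAT(transfer_date, '%d.%m.%Y') as transfer_date, `comment`  FROM payments WHERE id='$id' ORDER BY nr ASC;");
        if($sql->num_rows())
        {
            echo '<table border="1">';
            echo '<tr><th>'.$Lang['nr_p_k'].'</th><th>'.$Lang['sum'].'</th><th>'.$Lang['pay_date'].'</th><th>'.$Lang['rec_date'].'</th><th>'.$Lang['bill_nr'].'</th><th>'.$Lang['pay_doc_nr'].'</th><th>'.$Lang['ins_comp_trans_date'].'</th><th>'.$Lang['comment'].'</th><th>'.$Lang['actions'].'</th></tr>';
            while($payment=$sql->fetch_array())
            {
                // The payment number ends up inside a JavaScript string in an
                // onclick attribute, where HTML encoding alone is not enough;
                // force it to an integer instead.
                $payment_nr=(int)$payment['nr'];
                echo '<tr><td>'.$payment_nr.'</td><td>'.$escHtml($payment['sum']).'</td><td>'.$escHtml(isDate($payment['pay_date'])).'</td><td>'.$escHtml(isDate($payment['col_date'])).'</td><td>'.$escHtml($payment['bill_nr']).'</td><td>'.$escHtml($payment['payment_doc_nr']).'</td><td>'.$escHtml(isDate($payment['transfer_date'])).'</td><td>'.$escHtml($payment['comment']).'</td><td>';
                echo '<a onclick="openWindow(\'?p=payments&amp;no_head&amp;a=edit&amp;id='.$id.'&amp;nr='.$payment_nr.'\', \'edit_payment\', 300, 400);"><img src="'.$host.'/img/edit.png'.'" alt="'.$Lang['edit'].'" title="'.$Lang['edit'].'" /></a>';
                echo '<a onclick="openWindow(\'?p=payments&amp;no_head&amp;a=delete&amp;id='.$id.'&amp;nr='.$payment_nr.'\', \'payments\', 700, 400);"><img src="'.$host.'/img/delete.png'.'" alt="'.$Lang['delete'].'" title="'.$Lang['delete'].'" /></a>';
                echo '</td></tr>';
            }
            echo '</table>';
        }
        echo '<br /><div style="float: right;"><input type="button" class="yt_button" value="'.$Lang['add_payment'].'" onclick="openWindow(\'?p=payments&amp;no_head&amp;a=add&amp;id='.$id.'\', \'add_payment\', 300, 400);" />';
        echo '<input type="button" class="yt_button" value="'.$Lang['delete_all_payments'].'" onclick="openWindow(\'?p=payments&amp;no_head&amp;a=delete_all&amp;id='.$id.'\', \'payments\', 700, 400);" />';
        echo '<input type="button" class="yt_button" value="'.$Lang['close'].'" onclick="window.close();" /></div>';
    break;
}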
?>